from django.http import JsonResponse
from django.views.decorators.http import require_http_methods
from utils.auth_decorators import (
    login_required, permission_required, role_required, 
    session_required, oauth_required, secure_api, rate_limit
)

# 基础认证示例
@login_required
@require_http_methods(["GET"])
def get_user_profile(request):
    """获取用户信息 - 需要登录"""
    return JsonResponse({
        "code": 0,
        "msg": "获取成功",
        "data": {
            "user_info": request.user_info,
            "user_id": request.user_id
        }
    })

# 权限控制示例
@permission_required(['user:read', 'profile:view'])
@require_http_methods(["GET"])
def get_protected_data(request):
    """获取受保护数据 - 需要特定权限"""
    return JsonResponse({
        "code": 0,
        "msg": "获取成功",
        "data": {"protected_data": "sensitive_info"}
    })

# 角色控制示例
@role_required(['admin', 'manager'])
@require_http_methods(["POST"])
def admin_operation(request):
    """管理员操作 - 需要管理员角色"""
    return JsonResponse({
        "code": 0,
        "msg": "操作成功",
        "data": {"result": "admin_action_completed"}
    })

# 会话管理示例
@session_required
@require_http_methods(["GET"])
def get_session_data(request):
    """获取会话数据 - 需要有效会话"""
    return JsonResponse({
        "code": 0,
        "msg": "获取成功",
        "data": {"session_active": True}
    })

# OAuth认证示例
@oauth_required('dingtalk')
@require_http_methods(["GET"])
def dingtalk_user_info(request):
    """钉钉用户信息 - 需要钉钉OAuth"""
    return JsonResponse({
        "code": 0,
        "msg": "获取成功",
        "data": {
            "oauth_info": request.oauth_info,
            "provider": "dingtalk"
        }
    })

# 频率限制示例
@rate_limit(max_requests=10, window=60)
@login_required
@require_http_methods(["POST"])
def limited_action(request):
    """受限操作 - 每分钟最多10次"""
    return JsonResponse({
        "code": 0,
        "msg": "操作成功",
        "data": {"action": "completed"}
    })

# 组合装饰器示例
@secure_api(
    permissions=['user:write', 'data:modify'],
    roles=['admin'],
    rate_limit_config={'max_requests': 5, 'window': 60}
)
@require_http_methods(["PUT"])
def secure_update(request):
    """安全更新操作 - 组合多种验证"""
    return JsonResponse({
        "code": 0,
        "msg": "更新成功",
        "data": {"updated": True}
    })

# 多权限示例
@permission_required(['department:read'])
@require_http_methods(["GET"])
def get_departments_auth(request):
    """获取科室列表 - 需要科室读取权限"""
    from .views import get_departments
    return get_departments(request)

# 医生操作权限示例
@permission_required(['doctor:read'])
@require_http_methods(["GET"])
def get_doctors_auth(request, department_id):
    """获取医生列表 - 需要医生读取权限"""
    from .views import get_doctors_by_department
    return get_doctors_by_department(request, department_id)

# 预约权限示例
@permission_required(['appointment:create'])
@session_required
@require_http_methods(["POST"])
def create_appointment_auth(request):
    """创建预约 - 需要预约创建权限和有效会话"""
    return JsonResponse({
        "code": 0,
        "msg": "预约创建成功",
        "data": {"appointment_id": "12345"}
    })